Request for review: 8016046 (process) Strict validation of input should be security manager case only [win] (original) (raw)
Alan Bateman Alan.Bateman at oracle.com
Fri Jun 7 16:02:07 UTC 2013
- Previous message: Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]
- Next message: Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 07/06/2013 10:02, Alexey Utkin wrote:
Hi, Please review the fix.
Bug description: http://bugs.sun.com/viewbug.do?bugid=8016046 https://jbs.oracle.com/bugs/browse/JDK-8016046 The suggested fix: http://cr.openjdk.java.net/~uta/openjdk-webrevs/JDK-8016046/webrev.00/ Summary: In absence of the Security Manager the verification procedure for the command-line was restored as before the JDK-8012453 fix. That suggests the ability of inline input/output redirection, piping, simultaneous launching of several programs by single command, lost spaces and etc. The extended verification procedure is activated in presence of the Security Manager or installing to "false" the "jdk.lang.Process.allowAmbiguousCommands" Java property. Given 15 years of sloppy usage of Runtime.exec on Windows then it was always going to be difficult to switch to tighter checking by default. So I think the solution is right and keeps existing code working. I also agree that it's useful to have a property to opt-in to get property checking of the input.
So the changes looks good to me. A minor comment on the test but in checkOut then it could use Files.notExists. It would be useful to expand the @bug to include the new bug ID too.
-Alan.
- Previous message: Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]
- Next message: Request for review: 8016046 (process) Strict validation of input should be security manager case only [win]
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]